public static byte[] createX25519KeyShare(NamedGroup group, BigInteger privateKey) { if (!group.isCurve() || group.isStandardCurve()) { throw new IllegalArgumentException( "Cannot create ClassicEcPublicKey for group which is not a classic curve:" + group.name()); } byte[] privateKeyBytes; if (privateKey.toByteArray().length != 32) { LOGGER.warn("ECDH_25519 private Key is not 32 byte - using as much as possible and padding the rest with Zeros."); privateKeyBytes = Arrays.copyOf(privateKey.toByteArray(), 32); } else { privateKeyBytes = privateKey.toByteArray(); } LOGGER.debug("Clamping private key"); Curve25519.clamp(privateKeyBytes); byte[] publicKey = new byte[32]; Curve25519.keygen(publicKey, null, privateKeyBytes); return publicKey; }
public static ECPoint createClassicEcPoint(NamedGroup group, BigInteger privateKey) { if (!group.isStandardCurve()) { throw new IllegalArgumentException( "Cannot create ClassicEcPublicKey for group which is not a classic curve:" + group.name()); } ECDomainParameters ecDomainParameters = generateEcParameters(group); ECPoint ecPoint = ecDomainParameters.getG().multiply(privateKey); ecPoint = ecPoint.normalize(); return ecPoint; }
public static CustomECPoint createClassicEcPublicKey(NamedGroup group, BigInteger privateKey) { if (!group.isStandardCurve()) { throw new IllegalArgumentException( "Cannot create ClassicEcPublicKey for group which is not a classic curve:" + group.name()); } ECDomainParameters ecDomainParameters = generateEcParameters(group); ECPoint ecPoint = ecDomainParameters.getG().multiply(privateKey); ecPoint = ecPoint.normalize(); if (ecPoint.isInfinity()) { // TODO ??? return new CustomECPoint(BigInteger.ZERO, BigInteger.ZERO); } return new CustomECPoint(ecPoint.getRawXCoord().toBigInteger(), ecPoint.getRawYCoord().toBigInteger()); }
private void prepareKeyShare() { if (entry.getPrivateKey() == null) { if (chooser.getConnectionEndType().equals(ConnectionEndType.CLIENT)) { entry.setPrivateKey(chooser.getClientEcPrivateKey()); } if (chooser.getConnectionEndType().equals(ConnectionEndType.SERVER)) { entry.setPrivateKey(chooser.getServerEcPrivateKey()); } } if (entry.getGroupConfig().isStandardCurve()) { ECPoint ecPublicKey = KeyShareCalculator .createClassicEcPoint(entry.getGroupConfig(), entry.getPrivateKey()); List<ECPointFormat> pointFormatList = chooser.getServerSupportedPointFormats(); ECPointFormat[] formatArray = pointFormatList.toArray(new ECPointFormat[pointFormatList.size()]); byte[] serializedPoint; try { serializedPoint = ECCUtilsBCWrapper.serializeECPoint(formatArray, ecPublicKey); } catch (IOException ex) { throw new PreparationException("Could not serialize clientPublicKey", ex); } entry.setPublicKey(serializedPoint); } else if (entry.getGroupConfig().isCurve() && !entry.getGroupConfig().isStandardCurve()) { byte[] publicKey = KeyShareCalculator.createX25519KeyShare(entry.getGroupConfig(), entry.getPrivateKey()); entry.setPublicKey(publicKey); } else { throw new UnsupportedOperationException("The group \"" + entry.getGroupConfig().name() + "\" is not supported yet"); } LOGGER.debug("KeyShare: " + ArrayConverter.bytesToHexString(entry.getPublicKey().getValue())); }